[aur-general] aur website default ssl

Ionuț Bîru ibiru at archlinux.org
Thu Oct 28 11:01:31 EDT 2010

On 10/28/2010 03:27 AM, Loui Chang wrote:
> On Wed 27 Oct 2010 14:14 +0200, Pierre Schmitz wrote:
>> On Wed, 27 Oct 2010 11:40:19 +0300, Ionuț Bîru<ibiru at archlinux.org>
>> wrote:
>>> As i said earlier in a reply to Loui, maybe we can do it
>>> better.Having https only for login and then redirecting to http is
>>> like not having it at all.
>> Simply using https for all connections is the easiest and best solution
>> imho. Everything in between is either insecure or inconvenient for the
>> users. And I also don't see the need for it. Every sane http client
>> should handle a http redirect and https. If it does not it's just a bug
>> in the client. Of course it is unfortunate that this wasn't tested by
>> the clyde author before.
> I would appreciate if you consult aur-dev before making changes to the
> AUR. Can you please describe how you made this change, and how we can
> enable normal http?

seriously, why did you changed it back to http over https?

in less than 1 day all aur helpers are working again and i don't see a 
reason to use http again. Really, what's the point?


More information about the aur-general mailing list